VYPR
Unrated severityNVD Advisory· Published Dec 17, 2015· Updated Jun 17, 2026

CVE-2015-8601

CVE-2015-8601

Description

The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restrictions and read messages from arbitrary Chat Rooms via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:chat_room_project:chat_room:7.x-2.0:*:*:*:*:drupal:*:*+ 1 more
    • cpe:2.3:a:chat_room_project:chat_room:7.x-2.0:*:*:*:*:drupal:*:*
    • cpe:2.3:a:chat_room_project:chat_room:7.x-2.1:*:*:*:*:drupal:*:*

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.